Re: [PATCH RFC 04/15] KVM: Implement ring-based dirty memory tracking
From: Peter Xu
Date: Mon Dec 02 2019 - 18:10:00 EST
On Mon, Dec 02, 2019 at 01:50:49PM -0800, Sean Christopherson wrote:
> On Mon, Dec 02, 2019 at 04:16:40PM -0500, Peter Xu wrote:
> > On Mon, Dec 02, 2019 at 12:10:36PM -0800, Sean Christopherson wrote:
> > > On Fri, Nov 29, 2019 at 04:34:54PM -0500, Peter Xu wrote:
> > > > Currently, we have N+1 rings for each VM of N vcpus:
> > > >
> > > > - for each vcpu, we have 1 per-vcpu dirty ring,
> > > > - for each vm, we have 1 per-vm dirty ring
> > >
> > > Why? I assume the purpose of per-vcpu rings is to avoid contention between
> > > threads, but the motiviation needs to be explicitly stated. And why is a
> > > per-vm fallback ring needed?
> >
> > Yes, as explained in previous reply, the problem is there could have
> > guest memory writes without vcpu contexts.
> >
> > >
> > > If my assumption is correct, have other approaches been tried/profiled?
> > > E.g. using cmpxchg to reserve N number of entries in a shared ring.
> >
> > Not yet, but I'd be fine to try anything if there's better
> > alternatives. Besides, could you help explain why sharing one ring
> > and let each vcpu to reserve a region in the ring could be helpful in
> > the pov of performance?
>
> The goal would be to avoid taking a lock, or at least to avoid holding a
> lock for an extended duration, e.g. some sort of multi-step process where
> entries in the ring are first reserved, then filled, and finally marked
> valid. That'd allow the "fill" action to be done in parallel.
Considering that per-vcpu ring should be no worst than this, so iiuc
you prefer a single per-vm ring here, which is without per-vcpu ring.
However I don't see a good reason to split a per-vm resource into
per-vcpu manually somehow, instead of using the per-vcpu structure
directly like what this series does... Or could you show me what I've
missed?
IMHO it's really a natural thought that we should use kvm_vcpu to
split the ring as long as we still want to make it in parallel of the
vcpus.
>
> In case it isn't clear, I haven't thought through an actual solution :-).
Feel free to shoot when the ideas come. :) I'd be glad to test your
idea, especially where it could be better!
>
> My point is that I think it's worth exploring and profiling other
> implementations because the dual per-vm and per-vcpu rings has a few warts
> that we'd be stuck with forever.
I do agree that the interface could be a bit awkward to keep these two
rings. Besides this, do you still have other concerns?
And when you say about profiling, I hope I understand it right that it
should be something unrelated to this specific issue that we're
discussing (say, on whether to use per-vm ring, or per-vm + per-vcpu
rings) because for performance imho it's really the layout of the ring
that could matter more, and how the ring is shared and accessed
between the userspace and kernel.
For current implementation (I'm not sure whether that's initial
version from Lei, or Paolo, anyway...), IMHO it's good enough from
perf pov in that it at least supports:
(1) zero copy
(2) complete async model
(3) per-vcpu isolations
None of these is there for KVM_GET_DIRTY_LOG. Not to mention that
tracking dirty bits are not really that "performance critical" - if
you see in QEMU we have plenty of ways to explicitly turn down the CPU
like cpu-throttle, just because dirtying pages and even with the whole
tracking overhead is too fast already even using KVM_GET_DIRTY_LOG,
and the slow thing is QEMU when collecting and sending the pages! :)
>
> > > IMO,
> > > adding kvm_get_running_vcpu() is a hack that is just asking for future
> > > abuse and the vcpu/vm/as_id interactions in mark_page_dirty_in_ring()
> > > look extremely fragile.
> >
> > I agree. Another way is to put heavier traffic to the per-vm ring,
> > but the downside could be that the per-vm ring could get full easier
> > (but I haven't tested).
>
> There's nothing that prevents increasing the size of the common ring each
> time a new vCPU is added. Alternatively, userspace could explicitly
> request or hint the desired ring size.
Yeah I don't have strong opinion on this, but I just don't see it
greatly helpful to explicitly expose this API to userspace. IMHO for
now a global ring size should be good enough. If userspace wants to
make it fast, the ring can hardly gets full (because the collection of
the dirty ring can be really, really fast if the userspace wants).
>
> > > I also dislike having two different mechanisms
> > > for accessing the ring (lock for per-vm, something else for per-vcpu).
> >
> > Actually I proposed to drop the per-vm ring (actually I had a version
> > that implemented this.. and I just changed it back to the per-vm ring
> > later on, see below) and when there's no vcpu context I thought about:
> >
> > (1) use vcpu0 ring
> >
> > (2) or a better algo to pick up a per-vcpu ring (like, the less full
> > ring, we can do many things here, e.g., we can easily maintain a
> > structure track this so we can get O(1) search, I think)
> >
> > I discussed this with Paolo, but I think Paolo preferred the per-vm
> > ring because there's no good reason to choose vcpu0 as what (1)
> > suggested. While if to choose (2) we probably need to lock even for
> > per-cpu ring, so could be a bit slower.
>
> Ya, per-vm is definitely better than dumping on vcpu0. I'm hoping we can
> find a third option that provides comparable performance without using any
> per-vcpu rings.
I'm still uncertain on whether it's a good idea to drop the per-vcpu
ring (as stated above). But I'm still open to any further thoughts
as long as I can start to understand when the only-per-vm ring would
be better.
Thanks!
--
Peter Xu